US Defence Industry Disappointed By Major Cyber Attacks
The US defence industry is disappointed by major cyber attacks that resulted in hackers getting hold of secure information about millions of US citizens, including those that work on sensitive arms projects, executives have said.
Information about widespread attacks on the US Office of Personnel Management were first disclosed in June and more details are still being brought forward. The attacks have been linked to China, but China denies involvement in the breaches. Executives in the US defence industry claim that the breaches could lead to more vulnerabilities in the network, opening it up to further attacks. Many of the executives employ a large number of people who are likely to have had their information stolen, and the executives also have important security clearances too.
According to experts, the data stolen from databases at the Office of Personnel includes Social Security numbers of workers, their families and friends, which could be used by hackers to make targeted attacks on weapons programs, guess passwords or create files on important individuals.
In January it was reported by a chief weapons tester that the majority of programs are vulnerable to attack and this has led to the US Senate Armed Services Committee pledging to increase the Pentagon’s 2016 budget by $200 million for a review of the programs. Weapons makers say that they receive thousands of attacks every day from attackers with links to China and Russia who hope to steal information about weapons and networks of satellites.
Dave Wajsgras, head of Raytheon Co’s Intelligence, Information and Services has said “it’s very disappointing that this information was seemingly as easy to get at as it was. There is a tsunami of threats that exist in the cyber domain today. It’s something that we all collectively need to take much more seriously”.
According to sources, weapons programs such as information about a new bomber have segregated servers to keep the information safe. Lots of big companies have sophisticated systems that are designed to keep hackers out. However, there have been reports that the data stolen from OPM wasn’t encrypted and so it would have been easier for hackers to acquire and use the information.
Details of the OPM attacks came to light shortly before a biennial trade show in Paris for this US business people must travel with practically new computers and only a small number of devices in order to maintain high levels of security.
Brian Kaveney, head of Security Clearance at Armstrong Teasdale has said that any small amount of personal information can be valuable to hackers. Last year servers were hacked at the US Navy and US Marine Corps, which has caused questions about why the OPM did not add new security measures to make sure that important personal information could not be stolen during attempted cyber breaches.
After the attacks had been disclosed, Textron Inc and Boeing Co sent security alerts to their workers, reminding them about security threats such as phishing scams and asking them to be on the lookout to make sure security standards were maintained. F-35 fighter jet maker Lockheed Martin Corp, who supplies a large number of items to the Pentagon, said that regular cyber testing is a normal part of the way it operates in order to check both networks and employees. In addition, it works to make sure the F-35 is secure by liaising with buyers and suppliers globally.
It has been estimated that the details of at least 4 million employees and applicants were stolen during the server hacks and it is suspected that the hackers behind the attacks are using the data to build large databases of information. While it has been speculated that there is a foreign government behind the attacks, there is a huge online market for individual hackers with no particular affiliations.
The major cyber attacks are still being investigated, but the finger continues to point at China as the origin and whether the Chinese government sponsored the attacks is still unknown. There have been ongoing talks between the US and China in which the Chinese government has agreed to try to crack down on hacking as well as cooperate with US on issues of cyber theft.